@kennethsolomon/shipkit 3.6.0 → 3.8.0

package/skills/sk:setup-claude/templates/hooks/pre-compact.sh

@@ -0,0 +1,44 @@
+#!/bin/bash
+# Claude Code PreCompact hook: Preserve session state before context compression
+# Outputs critical state so Claude retains it after compaction
+
+echo "=== Pre-Compaction State Snapshot ==="
+
+# Workflow status
+if [ -f "tasks/workflow-status.md" ]; then
+    echo ""
+    echo "--- workflow-status.md ---"
+    cat "tasks/workflow-status.md" 2>/dev/null | head -30
+    TOTAL_LINES=$(wc -l < "tasks/workflow-status.md" 2>/dev/null | tr -d ' ')
+    if [ "$TOTAL_LINES" -gt 30 ]; then
+        echo "  ... ($TOTAL_LINES total lines)"
+    fi
+fi
+
+# Git status
+echo ""
+echo "--- Uncommitted Changes ---"
+STAGED=$(git diff --cached --name-only 2>/dev/null)
+UNSTAGED=$(git diff --name-only 2>/dev/null)
+UNTRACKED=$(git ls-files --others --exclude-standard 2>/dev/null)
+
+[ -n "$STAGED" ] && echo "Staged:" && echo "$STAGED" | sed 's/^/  /'
+[ -n "$UNSTAGED" ] && echo "Unstaged:" && echo "$UNSTAGED" | sed 's/^/  /'
+[ -n "$UNTRACKED" ] && echo "Untracked:" && echo "$UNTRACKED" | sed 's/^/  /'
+
+if [ -z "$STAGED" ] && [ -z "$UNSTAGED" ] && [ -z "$UNTRACKED" ]; then
+    echo "  (clean)"
+fi
+
+# Log compaction event
+if [ -d "tasks" ]; then
+    echo "" >> "tasks/progress.md" 2>/dev/null
+    echo "### [$(date +%Y-%m-%d)] Context compaction occurred at $(date +%H:%M:%S)" >> "tasks/progress.md" 2>/dev/null
+fi
+
+echo ""
+echo "--- Recovery ---"
+echo "Read tasks/workflow-status.md to restore current step."
+echo "Read tasks/progress.md for recent work."
+echo "==================================="
+exit 0

package/skills/sk:setup-claude/templates/hooks/session-start.sh

@@ -0,0 +1,53 @@
+#!/bin/bash
+# Claude Code SessionStart hook: Load project context at session start
+# Outputs context that Claude sees when a session begins
+
+echo "=== ShipKit — Session Context ==="
+
+# Current branch
+BRANCH=$(git rev-parse --abbrev-ref HEAD 2>/dev/null)
+if [ -n "$BRANCH" ]; then
+    echo "Branch: $BRANCH"
+    echo ""
+    echo "Recent commits:"
+    git log --oneline -5 2>/dev/null | while read -r line; do
+        echo "  $line"
+    done
+fi
+
+# Current workflow step from workflow-status.md
+if [ -f "tasks/workflow-status.md" ]; then
+    echo ""
+    NEXT_STEP=$(grep -E ">>\s*next\s*<<" "tasks/workflow-status.md" 2>/dev/null | head -1)
+    if [ -n "$NEXT_STEP" ]; then
+        echo "Workflow: $NEXT_STEP"
+    else
+        echo "Workflow: all steps complete or not started"
+    fi
+fi
+
+# Tech debt count
+if [ -f "tasks/tech-debt.md" ]; then
+    TOTAL=$(grep -c "^### \[" "tasks/tech-debt.md" 2>/dev/null || echo 0)
+    RESOLVED=$(grep -c "^Resolved:" "tasks/tech-debt.md" 2>/dev/null || echo 0)
+    UNRESOLVED=$((TOTAL - RESOLVED))
+    if [ "$UNRESOLVED" -gt 0 ]; then
+        echo "Tech Debt: $UNRESOLVED unresolved item(s)"
+    fi
+fi
+
+# Code health (skip on large codebases to keep session start fast)
+if [ -d "src" ]; then
+    FILE_COUNT=$(find src/ -type f 2>/dev/null | head -1001 | wc -l | tr -d ' ')
+    if [ "$FILE_COUNT" -le 1000 ]; then
+        TODO_COUNT=$(grep -r "TODO" src/ 2>/dev/null | wc -l | tr -d ' ')
+        FIXME_COUNT=$(grep -r "FIXME" src/ 2>/dev/null | wc -l | tr -d ' ')
+        if [ "$TODO_COUNT" -gt 0 ] || [ "$FIXME_COUNT" -gt 0 ]; then
+            echo ""
+            echo "Code health: ${TODO_COUNT} TODOs, ${FIXME_COUNT} FIXMEs in src/"
+        fi
+    fi
+fi
+
+echo "==================================="
+exit 0

package/skills/sk:setup-claude/templates/hooks/session-stop.sh

@@ -0,0 +1,33 @@
+#!/bin/bash
+# Claude Code Stop hook: Log session accomplishments
+# Runs when a Claude Code session ends
+
+# Only log if tasks/ directory exists (ShipKit project)
+if [ ! -d "tasks" ]; then
+    exit 0
+fi
+
+TIMESTAMP=$(date +%Y-%m-%d\ %H:%M:%S)
+
+# Get current branch
+BRANCH=$(git rev-parse --abbrev-ref HEAD 2>/dev/null || echo "unknown")
+
+# Count commits in this session (last hour)
+RECENT_COMMITS=$(git log --since="1 hour ago" --oneline 2>/dev/null | wc -l | tr -d ' ')
+
+# Get current workflow step
+CURRENT_STEP=""
+if [ -f "tasks/workflow-status.md" ]; then
+    CURRENT_STEP=$(grep -E ">>\s*next\s*<<" "tasks/workflow-status.md" 2>/dev/null | head -1 | sed 's/.*| //' | sed 's/ |.*//')
+fi
+
+# Append session end to progress.md
+{
+    echo ""
+    echo "### [$TIMESTAMP] Session ended"
+    echo "- Branch: $BRANCH"
+    echo "- Commits this session: $RECENT_COMMITS"
+    [ -n "$CURRENT_STEP" ] && echo "- Next step: $CURRENT_STEP"
+} >> "tasks/progress.md" 2>/dev/null
+
+exit 0

package/skills/sk:setup-claude/templates/hooks/validate-commit.sh

@@ -0,0 +1,81 @@
+#!/bin/bash
+# Claude Code PreToolUse hook: Validates git commit commands
+# Receives JSON on stdin with tool_input.command
+# Exit 0 = allow, Exit 2 = block (stderr shown to Claude)
+#
+# Validates: conventional commit format, debug statements, hardcoded secrets
+
+INPUT=$(cat)
+
+# Parse command — use jq if available, fall back to grep
+if command -v jq >/dev/null 2>&1; then
+    COMMAND=$(echo "$INPUT" | jq -r '.tool_input.command // empty')
+else
+    COMMAND=$(echo "$INPUT" | grep -oE '"command"[[:space:]]*:[[:space:]]*"[^"]*"' | sed 's/"command"[[:space:]]*:[[:space:]]*"//;s/"$//')
+fi
+
+# Only process git commit commands
+if ! echo "$COMMAND" | grep -qE '^git[[:space:]]+commit'; then
+    exit 0
+fi
+
+WARNINGS=""
+
+# Extract commit message from -m flag
+COMMIT_MSG=$(echo "$COMMAND" | grep -oE '\-m[[:space:]]+"[^"]*"' | sed 's/-m[[:space:]]*"//;s/"$//' || echo "")
+if [ -z "$COMMIT_MSG" ]; then
+    COMMIT_MSG=$(echo "$COMMAND" | grep -oE "\-m[[:space:]]+'[^']*'" | sed "s/-m[[:space:]]*'//;s/'$//" || echo "")
+fi
+
+# Validate conventional commit format (type(scope): message or type: message)
+if [ -n "$COMMIT_MSG" ]; then
+    if ! echo "$COMMIT_MSG" | grep -qE '^(feat|fix|docs|refactor|chore|test|style|perf|ci|build|revert)(\([a-zA-Z0-9_-]+\))?(!)?:[[:space:]].+'; then
+        WARNINGS="$WARNINGS\nCOMMIT: Message does not follow conventional commit format: type(scope): message"
+    fi
+fi
+
+# Check staged files for debug statements and secrets
+STAGED=$(git diff --cached --name-only 2>/dev/null)
+if [ -n "$STAGED" ]; then
+    # Read full staged diff once (avoids repeated git subprocess calls per file)
+    FULL_DIFF=$(git diff --cached 2>/dev/null)
+
+    while IFS= read -r file; do
+        if [ -f "$file" ]; then
+            FILE_DIFF=$(echo "$FULL_DIFF" | sed -n "/^diff --git a\/$file /,/^diff --git /p")
+            # JavaScript/TypeScript debug
+            if echo "$file" | grep -qE '\.(js|ts|jsx|tsx)$'; then
+                if echo "$FILE_DIFF" | grep -E '^\+.*console\.(log|debug|warn)\(' | grep -qv '//.*console'; then
+                    WARNINGS="$WARNINGS\nDEBUG: $file has console.log/debug/warn in staged changes"
+                fi
+                if echo "$FILE_DIFF" | grep -qE '^\+.*debugger'; then
+                    WARNINGS="$WARNINGS\nDEBUG: $file has debugger statement in staged changes"
+                fi
+            fi
+            # PHP debug
+            if echo "$file" | grep -qE '\.php$'; then
+                if echo "$FILE_DIFF" | grep -qE '^\+.*(dd\(|dump\(|var_dump\(|print_r\()'; then
+                    WARNINGS="$WARNINGS\nDEBUG: $file has dd/dump/var_dump in staged changes"
+                fi
+            fi
+            # Python debug
+            if echo "$file" | grep -qE '\.py$'; then
+                if echo "$FILE_DIFF" | grep -qE '^\+.*(breakpoint\(\)|pdb\.set_trace\(\))'; then
+                    WARNINGS="$WARNINGS\nDEBUG: $file has breakpoint/pdb in staged changes"
+                fi
+            fi
+        fi
+    done <<< "$STAGED"
+
+    # Check for potential hardcoded secrets (reuse FULL_DIFF)
+    if echo "$FULL_DIFF" | grep -qE '^\+.*(PRIVATE_KEY|SECRET_KEY|API_KEY|PASSWORD|TOKEN)[[:space:]]*=.*[a-zA-Z0-9]{16,}'; then
+        WARNINGS="$WARNINGS\nSECRET: Staged changes may contain hardcoded secrets. Review before committing."
+    fi
+fi
+
+# Print warnings (non-blocking) and allow commit
+if [ -n "$WARNINGS" ]; then
+    echo -e "=== Commit Validation Warnings ===$WARNINGS\n================================" >&2
+fi
+
+exit 0

package/skills/sk:setup-claude/templates/hooks/validate-push.sh

@@ -0,0 +1,43 @@
+#!/bin/bash
+# Claude Code PreToolUse hook: Warns on push to protected branches
+# Receives JSON on stdin with tool_input.command
+# Exit 0 = allow (warnings only), Exit 2 = block
+#
+# Warns on: push to main/master/production/release, force push
+
+INPUT=$(cat)
+
+# Parse command
+if command -v jq >/dev/null 2>&1; then
+    COMMAND=$(echo "$INPUT" | jq -r '.tool_input.command // empty')
+else
+    COMMAND=$(echo "$INPUT" | grep -oE '"command"[[:space:]]*:[[:space:]]*"[^"]*"' | sed 's/"command"[[:space:]]*:[[:space:]]*"//;s/"$//')
+fi
+
+# Only process git push commands
+if ! echo "$COMMAND" | grep -qE '^git[[:space:]]+push'; then
+    exit 0
+fi
+
+WARNINGS=""
+
+# Check for protected branch names
+for branch in main master production release; do
+    if echo "$COMMAND" | grep -qE "(origin[[:space:]]+${branch}|[[:space:]]${branch}$)"; then
+        WARNINGS="$WARNINGS\nPROTECTED: Pushing to '${branch}' — this is a protected branch. Confirm this is intentional."
+    fi
+done
+
+# Check for force push
+if echo "$COMMAND" | grep -qE '\-\-force([[:space:]]|$)|\-f([[:space:]]|$)'; then
+    WARNINGS="$WARNINGS\nFORCE: Using --force push. This rewrites remote history and is destructive."
+fi
+if echo "$COMMAND" | grep -qE '\-\-force-with-lease'; then
+    WARNINGS="$WARNINGS\nFORCE: Using --force-with-lease. Safer than --force but still rewrites history."
+fi
+
+if [ -n "$WARNINGS" ]; then
+    echo -e "=== Push Validation Warnings ===$WARNINGS\n================================" >&2
+fi
+
+exit 0

package/skills/sk:setup-claude/templates/tasks/workflow-status.md.template

@@ -16,19 +16,13 @@
 | 9 | Write Tests (`/sk:write-tests`) | not yet | |
 | 10 | Implement (`/sk:execute-plan`) | not yet | |
 | 11 | Commit (`/sk:smart-commit`) | not yet | |
-| 12 | **Lint + Dep Audit** (`/sk:lint`) | not yet | HARD GATE — loop until clean |
-| 13 | Commit (`/sk:smart-commit`) | not yet | conditional |
-| 14 | **Verify Tests** (`/sk:test`) | not yet | HARD GATE — 100% coverage |
-| 15 | Commit (`/sk:smart-commit`) | not yet | conditional |
-| 16 | **Security** (`/sk:security-check`) | not yet | HARD GATE — 0 issues |
-| 17 | Commit (`/sk:smart-commit`) | not yet | conditional |
-| 18 | Performance (`/sk:perf`) | not yet | optional gate |
-| 19 | Commit (`/sk:smart-commit`) | not yet | conditional |
-| 20 | **Review + Simplify** (`/sk:review`) | not yet | HARD GATE — 0 issues |
-| 21 | Commit (`/sk:smart-commit`) | not yet | conditional |
-| 22 | **E2E** (`/sk:e2e`) | not yet | HARD GATE — all E2E scenarios must pass |
-| 23 | Commit (`/sk:smart-commit`) | not yet | conditional — skip if E2E was clean |
-| 24 | Update (`/sk:update-task`) | not yet | |
-| 25 | Finalize (`/sk:finish-feature`) | not yet | |
-| 26 | Sync Features (`/sk:features`) | not yet | required — sync feature specs after ship |
-| 27 | Release (`/sk:release`) | not yet | optional |
+| 12 | **Lint + Dep Audit** (`/sk:lint`) | not yet | HARD GATE — loop until clean, gates own their commits |
+| 13 | **Verify Tests** (`/sk:test`) | not yet | HARD GATE — 100% coverage, gates own their commits |
+| 14 | **Security** (`/sk:security-check`) | not yet | HARD GATE — 0 issues, gates own their commits |
+| 15 | Performance (`/sk:perf`) | not yet | optional gate, gates own their commits |
+| 16 | **Review + Simplify** (`/sk:review`) | not yet | HARD GATE — 0 issues, gates own their commits |
+| 17 | **E2E** (`/sk:e2e`) | not yet | HARD GATE — all E2E scenarios must pass, gates own their commits |
+| 18 | Update (`/sk:update-task`) | not yet | |
+| 19 | Finalize (`/sk:finish-feature`) | not yet | |
+| 20 | Sync Features (`/sk:features`) | not yet | required — sync feature specs after ship |
+| 21 | Release (`/sk:release`) | not yet | optional |

package/skills/sk:setup-optimizer/SKILL.md

@@ -43,7 +43,7 @@ Before making any changes, runs a diagnostic pass on the existing CLAUDE.md:
 - **Stale content** — detects outdated info (stale model/route counts, removed dependencies, old command names like `/laravel-lint` instead of `/sk:lint`)
 - **Inconsistencies** — compares documented vs actual project state (directories, scripts, workflows)
 - **Section completeness** — flags sections that exist but are empty or have only placeholder text
-- **Outdated workflow** — checks if the workflow matches the current 27-step TDD flow with hard gates
+- **Outdated workflow** — checks if the workflow matches the current 21-step TDD flow with hard gates
 
 Reports findings before proceeding. If issues are found, they inform subsequent steps.
 
@@ -51,15 +51,15 @@ Reports findings before proceeding. If issues are found, they inform subsequent
 
 If the workflow section is outdated or missing, replace it with the latest version:
 
-**Current workflow (27 steps, TDD with hard gates):**
+**Current workflow (21 steps, TDD with hard gates):**
 ```
 Read → Explore → Design → Accessibility → Plan → Branch → Migrate → Write Tests → Implement → Lint → Verify Tests → Security → Performance → Review → E2E Tests → Finish → Sync Features
 ```
 
 **What gets updated:**
-- Workflow table (27 steps with correct commands: `/sk:write-tests`, `/sk:lint`, `/sk:test`, `/sk:accessibility`, `/sk:perf`, `/sk:e2e`)
+- Workflow table (21 steps with correct commands: `/sk:write-tests`, `/sk:lint`, `/sk:test`, `/sk:accessibility`, `/sk:perf`, `/sk:e2e`)
 - Step details (TDD red/green/verify descriptions)
-- Tracker rules (hard gates at 12, 14, 16, 20, 22; optional steps 4, 5, 8, 18, 27)
+- Tracker rules (hard gates at 12, 14, 16, 20, 17; optional steps 4, 5, 8, 18, 21)
 - Step completion summary rule (NON-NEGOTIABLE)
 - Bug fix flow section
 - Sub-Agent Patterns section (if missing)

package/skills/sk:test/SKILL.md

@@ -126,8 +126,12 @@ Sub-agent 3: [FE command]
 - Read the failure output carefully — identify the root cause
 - Fix the failing **implementation code** or test setup, not the test assertions (tests define expected behavior)
 - Do NOT skip, mark incomplete, or delete failing tests
-- Re-run the failing suite until all tests pass
-- If a fix changes behavior, confirm with the user before applying
+- Auto-commit with message `fix(test): resolve failing tests` — do NOT ask the user
+- Re-run the failing suite
+- Loop until all pass
+- Fix the implementation and auto-commit. If the fix is a logic change (new behavior, changed contract), update the relevant tests to reflect the new behavior before committing.
+
+> Gates own their commits — the fix-commit-rerun loop is fully internal. No manual commit step needed after this gate.
 
 ### 5. Verify Coverage